[ovirt-users] Upgrade hosts/nodes from engine
James Michels
karma.sometimes.hurts at gmail.com
Wed Aug 17 08:34:12 UTC 2016
Why not just assign the host a publicly accessible IP address and restrict
SSH by firewall so only the engine (and possibly you) can access through
SSH?
James
2016-08-16 23:03 GMT+01:00 Hanson <hanson at andrewswireless.net>:
> Hi Guys,
>
> Quick question, I have my nodes on a bond-bridge-privateVlan setup, and my
> engine on a bond-bridge-publicVlan setup for remote monitoring.
>
> Understandably, the nodes are complaining that they are failing updates.
> (They're on a private vlan, and only configured with IP's in that vlan, the
> public vlan doesn't have IP's set on the hosts so they can pass it to VMs).
>
> Is there a way to have the engine do the updates on the node using its
> internet connection, like a proxy?
>
> For security reasons I like to have the nodes not publicly accessible, as
> we see hundreds if not thousands of ssh attempts, and root would probably
> be the most attacked account.
>
> Thanks,
>
> Hanson
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20160817/c519f1b4/attachment-0001.html>
More information about the Users
mailing list